Head of Information Security Assurance

Job Title Head of Information Security Assurance
Sector Cyber Security
Location London
Type Permanent
Salary Confidential

Head of Information Security and Assurance

My client, a financial services provider in the City, is actively looking for a Head of Information Security and Assurance to join their existing team. This is a newly created permanent position and will see you driving forward security strategy for the organisation as they continue to evolve into 2020. Ideally you will have substantial experience working in a highly regulated, financial services or payments focussed organisation.

Role Purpose

  • The Head of Information Security and Assurance provides oversight and assurance across the Information Security Framework, to help risk owners to improve their security controls and governance.
  • Ensuring proper governance, risk management and compliance management of all IT systems and processes that support the business operation.
  • Responsible for maintaining the ISO27001:2017 certification.
  • Selection and implementation of the Information Security tooling suite across business operations.

Experience & knowledge

  • Proven senior management experience operating across a C-level stakeholder group, in information security and/or counter-fraud over a minimum of 10 years.
  • Significant professional experience in managing a team of information security and/or fraud investigation specialists.
  • An understanding of Information Security Governance, Risk and Compliance policies, controls and best practice.
  • Experience of IS risk frameworks and the management of these risks across a dynamic business.
  • Significant professional knowledge of ISO27001.
  • Experience of information security risk assessments, threat modelling and cyber security incident management.
  • A sound understanding of cloud infrastructure, project management, development and DevOps within a fast-moving implementation environment.
  • Proven leadership skills including performance management and improvement, measurement of KPIs, situational leadership, issue resolution, negotiation and motivating others.
  • Demonstrable experience in a stakeholder-facing role.
  • Previous experience of managing an Information Security Management System (ISMS).
  • Awareness of regulatory requirements of the sector (e.g. PSD2).
  • Demonstrable experience in identifying, classifying and managing security-related risks across an organisation.
  • Ideally, you will have held an information security governance role within a financial organisation.

Please feel free to get in touch for an informal discussion - mary.pearson@sandersonplc.com
